I have a strange problem. I have a RAP, which is working perfectly. The RAP is situated at my home office, behind a Cisco router with one public IP address. The controller is situated at the corporate office. The controller is broadcasting a simple WPA2 PSK SSID at the corporate network in tunneled mode and the SSID is terminated on a local corporate network.
I can connect to the corporate SSID when I am at the office and I can browse internal resources and the internet without any problems. I have a NAS at my home office, which is available at the internet via a NAT mapping on the Cisco. I can access this NAS from everywhere on the public IP address of my home office, except when I am at the corporate office.
I did a Wireshark on the corporate firewall and when I try to access my home public IP via ssh, http, https or what ever, the traffic isn't coming in or going out through the corporate firewall. It looks like the traffic is blocked or discarded or routed somewhere else by the wireless controller, but I cannot find where.
To be sure that the problem isn't the firewall at the corporate office, I configured a stand-alone Cisco AP with the same SSID and PSK in the same corporate VLAN. I can access my home network when I connect to the Cisco AP. So I am almost 100% sure that the problem is caused by the Aruba controller.
Is anyone familiar with this problem or is this by design for public IP addresses of a RAP?